Preventing Fraud
Five Best Practices for Safeguarding Against Ransomware Attacks:
- Backup your data, system images, and configurations, regularly test them, and keep the backups offline: Ensure that backups are regularly tested and that they are not connected to the business network, as many ransomware variants try to find and encrypt or delete accessible backups. Maintaining current backups offline is critical because if your network data is encrypted with ransomware, your organization can restore systems.
- Update and patch systems promptly: This includes maintaining the security of operating systems, applications, and firmware, in a timely manner. Consider using a centralized patch management system; use a risk-based assessment strategy to drive your patch management program.
- Test your incident response plan: There’s nothing that shows the gaps in plans more than testing them. Run through some core questions and use those to build an incident response plan: Are you able to sustain business operations without access to certain systems? For how long? Would you turn off your manufacturing operations if business systems such as billing were offline?
- Check your security team’s work: Use a 3rd party pen tester to test the security of your systems and your ability to defend against a sophisticated attack. Many ransomware criminals are aggressive and sophisticated and will find the equivalent of unlocked doors.
- Segment your networks: There’s been a recent shift in ransomware attacks – from stealing data to disrupting operations. It’s critically important that your corporate business functions and manufacturing/production operations are separated and that you carefully filter and limit internet access to operational networks, identify links between these networks and develop workarounds or manual controls to ensure ICS networks can be isolated and continue operating if your corporate network is compromised. Regularly test contingency plans such as manual controls so that safety-critical functions can be maintained during a cyber incident
Stay Ahead of the Scam- Call Spoofing
Call spoofing is a tactic used by criminals to make a fraudulent call appear legitimate. These scammers transmit text to your caller ID making it look like your bank, the government, or a trusted company is calling. So how do you stay ahead of the scam?
- Be cautious if your caller ID indicates Union Bank, the government, or other organization is calling.
- Be suspicious. No legitimate organization will call you and request your account number, PIN, debit card, online banking credentials, or social security number.
- Don’t be intimidated. No legitimate organization will threaten you with arrest, require you to purchase gift cards to settle a debt, or ask you to conduct test transactions.
- Don’t be fooled. Scammers often do research on their victims and know personal information such as children’s/grandchildren’s names, dates of birth, or home addresses and will use this to attempt to sound legitimate.
If you are unsure about the legitimacy of a phone call that appears to be coming from Union Bank, hang up immediately and call your local branch or our Customer Care Team at 800.753.4343.
Scammers are always finding new ways to exploit victims. These basic precautions can help keep you from becoming a victim of fraud:
- Never share financial or personal information (passwords, social security numbers, accounts, PINs, etc.)
- Do not answer or follow links in suspicious emails. These could be attempts to trick you into revealing private information.
- Change passwords regularly and never use a date of birth or social security number as your password.
- Make sure your internet shopping sites use proper security (see “about our security” for more information).
- Consider receiving electronic instead of printed statements to avoid mail fraud.
- Monitor your accounts frequently and call us immediately at 1.800.753.4343 if you notice any suspicious activity.
- Make sure your computer is protected with anti-virus and firewall software and that security updates/patches are done automatically.
- If traveling abroad, do not use a publicly available computer for Internet banking unless you are sure it has been properly secured. If you will be using your debit card, be sure to advise our Electronic Banking Department before you travel.
- Don’t share credit card numbers or other personal information unless you’re buying from a company you know and trust.
- Don’t do business with a company that won’t give its name, address and telephone number.
Union Bank will NEVER solicit your personal information via email, text message or telephone call. If you receive an email or text asking for personal information regarding passwords, accounts etc., simply delete it. If you receive a suspicious communication from us, please let us know immediately.
Preventing Fraud Tips PDF
Related Resources
Return to top